Vulnerability in EPiServer.Forms

Try our conversational search powered by Generative AI!

AI OnAI Off
Products
Packages [expand] [collapse]
Services
Released in version
All versions
5.7.1
5.7.0
5.6.1
5.6.0
5.5.1
5.5.0
5.4.0
5.3.1
5.3.0
5.2.1
5.2.0
5.1.0
5.0.1
5.0.0
4.31.0
4.30.11
4.30.10
4.30.9
4.30.8
4.30.7
4.30.6
4.30.5
4.30.4
4.30.3
4.30.2
4.30.1
4.30.0
4.29.3
4.29.2
4.29.1
4.29.0
4.28.0
4.27.1
4.27.0
4.26.0
4.25.1
4.25.0
4.24.3
4.24.2
4.24.1
4.24.0
4.23.0
4.22.0
4.21.0
4.20.0
4.18.0
4.17.0
4.16.0
4.15.1
4.15.0
4.14.1
4.14.0
4.12.0
4.11.0
4.10.0
4.9.1
4.9.0
4.8.5
4.8.4
4.8.3
4.8.2
4.8.1
4.8.0
4.7.0
4.6.1
4.6.0
4.5.1
4.5.0
4.4.4
4.4.3
4.4.2
4.4.1
4.4.0
4.3.0
4.2.2
4.2.1
4.1.0
4.0.1
4.0.0
3.1.0
3.0.0.0
2.1.0.2
2.0.0.2
1.1.4.9000
1.1.2.9000
1.0.0.9000
0.21.1.9000
0.20.0.9000
0.19.4.9000

Release notes for Optimizely CMS and Customized Commerce updates

This topic lists Optimizely updates, delivered as NuGet packages and services. You decide which updates apply to your project.

Select a product, package, or service in the left menu, and then select one of the following filters from Item type and click Filter.

  • Bug – Display bug fixes.
  • Critical bug – Display only critical bug fixes.
  • Feature –  Display only new features (all features).
  • UI Feature – Display only end-user (user interface) features.

Note: NuGet packages listed here may not be immediately available in the Optimizely NuGet feed.

Latest changes

Item type
Filter on date
Items/Page
Clear filters
Area ID Type Description Released
AFORM-3581
  IsMalFormSteps does not check form.Steps for null

Fixed an issue so that IsMalFormSteps now checks form.Steps for null.

EPiServer.Forms 5.7.1;
Oct 31, 2023
AFORM-3640
  FormContainerBlockController does not handle exception properly

Fixed an issue that caused a site crash if a block threw an exception.

EPiServer.Forms 5.7.1;
Oct 31, 2023
AFORM-3620
  Security Improvement

Improved security to mitigate a security vulnerability that might give an attacker access to sensitive data in the application.

Read more at https://world.optimizely.com/blogs/phu-nguyen/dates/2023/10/vulnerability-in-episerver-forms/ 

EPiServer.Forms 5.7.0;
Oct 19, 2023
AFORM-3624
  Security Improvement

Improved security to mitigate a security vulnerability that might give an attacker access to sensitive data in the application.
Read more at https://world.optimizely.com/blogs/phu-nguyen/dates/2023/10/vulnerability-in-episerver-forms/ 

EPiServer.Forms 4.31.0;
Oct 19, 2023
AFORM-3473
  Need warning if you change the name of a form component that is used as a placeholder in the form

Added a warning that displays, if you change the name of a form component that is used as a placeholder in the form under the Settings tab.

EPiServer.Forms 4.30.11;
Sep 26, 2023
AFORM-3453
  Show error 404 when setting renderingFormUsingDivElement =true in appsettings.json

Fixed an issue that caused an error when you set renderingFormUsingDivElement=true in appsettings.json.

EPiServer.Forms 4.30.11;
Sep 26, 2023
AFORM-2639
  Cannot submit form with 'contains' conditions

Fixed an issue where you could not submit a form that had contains conditions.

EPiServer.Forms 4.30.11;
Sep 26, 2023
AFORM-3547
  [CMS 11] Form Submissions Cleanup Scheduled job throws exception after upgrading to Episerver Forms 4.30.10

Fixed an issue that generated an error with the Form Submissions Cleanup Scheduled job after you upgraded to Episerver Forms 4.30.10 (for CMS 11).

EPiServer.Forms 4.30.11;
Sep 26, 2023
AFORM-3439
  Could not save data on Rich text on Mongo Mode

Fixed an issue that prevented properties from being saved when you were in MongoDbPermanentStorage mode.

EPiServer.Forms 5.6.1;
Sep 19, 2023
AFORM-3467
  Cannot submit the form after session expired

Fixed an issue that prevented you from submitting a form if your session had expired before you went to the next step or submitted the form.

EPiServer.Forms 5.6.1;
Sep 19, 2023
1 2 3 4 5 6 Next